Subscribe on your preferred podcast platform

RSS logoSpotify logoI heart logoApple podcastsyoutube logo

Featured Posts

Episode 13: Confronting Hubris: Mind the Gap!
Listen
Read Post
Episode 12: Navigating the Data Breach Epidemic
Listen
Read Post
Episode 11: Cybersecurity: A Shared Responsibility in the Digital Age
Listen
Read Post
Episode 10: Futureproofing a profession
Listen
Read Post
Episode 9: Why You Need Cyber Security Awareness Month
Listen
Read Post
Episode 8: Turning Vision into Reality
Listen
Read Post
Episode 7: The Increasing Threat of Cyber Warfare
Listen
Read Post
Episode 6: Accessibility and Cyber Security with Lisa Vincent
Listen
Read Post
Episode 5: Ransomware and Cyber Extortion
Listen
Read Post
Episode 4: Cyber Attacks and Digital Forensics Incident Response
Listen
Read Post
Episode 3: Day in the Life of an Ethical Hacker
Listen
Read Post
Episode 2: Legal Considerations of AI
Listen
Read Post
Episode 1: Social Proof in the Age of AI: Bring Back Stranger Danger
Listen
Read Post

In this episode, we speak with John Karabin, Chief Cyber Security Strategist at McGrathNicol. John brings decades of experience in cyber risk management and governance and shared his insights on combating cyber security hubris, addressing insider threats in hybrid work environments, and staying proactive against evolving cyber risks. Subscribe to the Bytes podcast for more conversations like this.

Key Takeaways

  • Cyber security Hubris: John  emphasises the dangers of overconfidence in cyber security, where organisations either underestimate threats or overestimate their technological defences. This hubris can lead to critical gaps in security posture.
  • The Importance of Communication and Culture: Effective communication between technical teams, leadership, and employees is essential. Karabin highlights the need for translating technical cyber security language into terms that resonate with executives and employees, fostering a culture of awareness and vigilance.
  • Evolving Insider Threats: The shift to remote and hybrid work environments has made insider threats more complex. Organisations must implement both human-centric strategies (e.g., training, clear access controls) and technical measures (e.g., least privilege access, user behavior monitoring) to mitigate risks.
  • Proactive Defence Strategies: John stresses the importance of regular risk assessments, understanding organisational assets (especially data), and adopting tailored frameworks that align with the organization's size and industry. He also advocated for tabletop exercises and simulations to prepare for incidents effectively.
  • AI's Role in Cyber security: AI is both a challenge and a tool in cyber security. While it lowers the barrier for attackers through automation and social engineering, it also offers opportunities for anomaly detection and insider threat monitoring when integrated thoughtfully.
  • The Changing Role of CISOs: The Chief Information Security Officer (CISO) role has evolved into a more strategic position, requiring strong leadership, communication skills, and the ability to align cyber security initiatives with business objectives.

Subscribe to Phriendly Phishing Updates
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
COMPANY
About UsBlogFAQContact UsPartner Information
SOLUTIONS
Phishing Awareness TrainingSecurity Awareness TrainingEnterprise Security AwarenessSMB Security AwarenessUSB Drop Testing & ReportingPhish Focus Email Triage
RESOURCES
Case StudiesTraining Buyer's GuideCourse CatalogueOnline Knowledge BaseAccount LoginCyber Security Awareness MonthWebinarsPodcasts

Phriendly Phishing Copyright © 2025

Privacy Policy | Terms and Conditions